Appl. No. 10/506,815 

Amdt. dated January 21, 2008 

Reply to Office Action of September 20, 2007 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in 
the application: 

Listing of Claims: 

1. (Currently amended) A data network management system for identifying
unauthorized access to a data network service, provided at a service node in a 
data network, by a user node in said data network, said service node having an 
agent and having means for maintaining a user access list, said user access list 
having at least one data network address corresponding to at least one user node 
in said data network, said system comprising: 

a data communication means for periodically polling said agent at said 
service node and for retrieving a user access list from said agent; 

a database for maintaining an authorized access list for said service node; 

and 

a data processing means for comparing said user access list to said
authorized user-access list and for updating said authorized user-access list
based on the user access list retrieved from said agent.

2. (Previously presented) The data network management system as defined 
in claim 1, wherein said agent is a Simple Network Management Protocol agent.

3. (Previously presented) The data network management system as defined 
in claim 1, wherein said data communication means is a Simple Network 
Management Protocol communication means. 

4. (Previously presented) The data network management system as defined 
in claim 1, further including means for installing said agent at said service node,
said agent having means to communicate with said data communication means. 

5. (Currently amended) A method for identifying unauthorized access to a
data network service, provided at a service node in a data network, by a user 
node in said data network, said service node having an agent and having means 
for maintaining a user access list, said user access list having at least one data 
network address corresponding to at least one user node in said data network, 
said method comprising:

a) periodically polling an agent and retrieving said user access list, for 
a given period of time, from said service node in said data network; 

b) comparing said user access list to an authorized access list; 

c) determining if an access to said service node was
unauthorized based on comparing said user access list to the
authorized access list; and

d) if said access was
not authorized, initiating a notification process,

wherein said user access list identifies a plurality of accesses to said
service node.



6. (Currently amended) The method as defined in claim 5, further including
a step of updating said authorized access list based on said user
access list retrieved from said service node.

7. (Currently amended) The method as defined in claim 5, further including 
a step of installing said agent at said user node, prior to periodically polling and
retrieving said user access list in step a).

8. (Currently amended) The method as defined in claim 5, further including 
a step of selecting said service node for identification based on a predetermined
criteria, prior to retrieving said user access list in step a).

9. (Currently amended) The method as defined in claim 5, wherein said
notification process [illegible] notifying a Network
Operations Console.

10. (Currently amended) The method as defined in claim 5, wherein steps a)
through c) are repeated, and wherein said user node is selected from one of a 
plurality of user nodes in said data network. 

11. (Currently amended) The method as defined in claim 5, wherein steps a)
through d) are repeated, and wherein said user node is selected from one of a 
plurality of user nodes in said data network. 

12. (Previously presented) The method as defined in claim 5, wherein said 
agent is a Simple Network Management Protocol agent. 

13. (Currently amended) A computer-readable medium for identifying 
unauthorized access to a data network service, provided at a service node in a 
data network, by a user node in said data network, said service node having an 
agent and having means for maintaining a user access list, said user access list 
having at least one data network address corresponding to at least one user node 
in said data network, and said medium having stored thereon, computer-readable 
and computer-executable instructions which, when executed by a processor, 
cause said processor to perform steps comprising: 

a) periodically polling an agent and retrieving said user access list, for 
a given period of time, from said service node in a data network; 

b) comparing said user access list to an authorized access list; 

c) determining if an access to said data network
service was authorized based on said comparison step b);

d) if determined that said unauthorized access was 




, initiating a notification process. 

14. (Previously presented) The computer-readable medium as defined in
claim 13, further containing computer-readable and computer-executable 
instructions which perform a step of updating said authorized access list based on 
user access information. 

15. (Previously presented) The computer-readable medium as defined in 
claim 13, further containing computer-readable and computer-executable 
instructions which perform a step of installing said agent at said user node, prior 
to retrieving said user access list in step a). 

16. (Previously presented) The computer-readable medium as defined in 
claim 13, further containing computer-readable and computer-executable 
instructions wherein said steps a) through c) are repeated, and wherein said user 
node is selected from one of a plurality of user nodes in said data network. 

17. (Previously presented) The computer-readable medium as defined in 
claim 13, wherein said agent is a Simple Network Management Protocol agent. 

18. (Currently amended) A computer for use in a data network for identifying 
unauthorized access to a data network service, provided at a service node in a 
data network, by a user node in said data network, said service node having an 
agent and having means for maintaining a user access list, said user access list 
having at least one data network address corresponding to at least one user node 
in said data network; said computer comprising: 



a central processing unit; 

[[a]] data communication means for periodically polling said agent at said 
service node and retrieving a user access list from said agent; and 



means for storing an authorized access list for said service node;

[[a]] data processing means for comparing said retrieved user access list
to said authorized user-access list and for updating said authorized user access
list based on the user access list retrieved from said agent.

19. (Currently amended) The data network as defined in claim 1, wherein said
authorized user-access list is a common authorized user access list
for comparing to said user access list to determine if said user access list is a
subset of said common authorization user access list.

20. (New) The data network management system of claim 1 wherein said 
user access list identifies a plurality of accesses to said service node. 





that includes a range of user nodes 